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CLAIMS 

A user authentication system comprising a 
registrati<^ station provided with an information acquisition 
device for obtaining biological individuality data for 
distinguishingXindividuality of a user, an authentication card 
issuing station that issues to the user a user authentication 
card recorded witri a divided part of the biological individuality 
data, an authentication access terminal provided with an 
authentication-card reader for reading the information of the 
user authentication card and an identity acquisition device for 
inputting biological inciividuality data of the user, and at least 
one certification authoriD^ that is connected to the 
authentication access termiraal through an information 
communication channel, whereiV the certification authority holds 
the record of the remaining par^ of the biological individuality 
data that have obtained at the registration station but not 
recorded in the user authenticatioh card, the recorded contents 
in the user authentication card read, out by the authentication 
card reader are compared with the biological individuality data 
of the user obtained on the spot through the identity acquisition 
device to authenticate identification oA the user at the 
authentication access terminal, and if a laigher level of 
authentication is required, the certif icatoion authority compares 
the biological individuality data of the usex obtained at the 
authentication access terminal with the part bf the biological 
individuality data missing in the user authentication card in 
response to inquiry from the authentication access terminal and 
sends the comparison result to the authenticationX access terminal 
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further authentication , 

2. A user authentication system according to claim 1, 
wherein\the user authentication card has an computing function 
and the computing function executes calculation of authenticating 
personal identification at the authentication access terminal. 
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3. A ilser authentication system according to claim 2, 
wherein the infoo^tion exchanged through the information 
communication chann>el is encrypted. 



4 . A user autft^ntication system according to any of 
^I nimn 1 thrnngH — whereYn the two or more certification 
authorities dividedly record part of the biological individuality 
data obtained at the registration station but not recorded in the 
user authentication card, and one certification authority 
compares the biological individuality data of the user input at 
the authentication access terminaA with the part of the 
biological individuality data storeoi in the certification 
authority in response to inquiry fronK the authentication access 
terminal or other certification authority for further 
authentication . 
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5 . A user authentication system according to any of 
c-^Pi\rx\^ 1 t-hj2 Q ngh 4^ whf^rf^i n the certif icatio\i authority is 



provided with a memory device for recording the biological 
individuality data obtained at the registration^ station . 



6\ A user authentication system according to any of 




h wherein plural kinds of biological 
individuality d^:a are registered so that different transactions 
can be conducted response to the kind of the input data. 



7 . A user authentication device comprising an 
authentication-card reader for reading out information recorded 
in an authenXication IC card, an identity acquisition device for 
inputting bioldgical individuality data of a user, a judgment 
device for checking the biological individuality data of the 
authentication IC ca^d read out by the authentication-card reade 
against the biological \Ln^fviduality data input on the spot 
through the identity acqi/pgjrxion device and for judging 
acceptance of the user, a cof^i^nunication unit for transmitting at 
least a part of the biological Individuality data of the user 
input through the identity acquisiXion unit to a certification 
authority outside and receiving an authentication result of the 
certification authority, and a display advice for displaying a 
judgment result. 



8. An authentication IC card comprising a CPU, an 
authentication file storing identity information, and an 
application file classified into files according to the depth of 
authentication, wherein when\requested from the outside to 
present information recorded ifJthe application file, the CPU 
compares identity information input from the outside with the 
identity information stored in the authentication file, and 
confirms the depth of authentication, whereby if an acceptance i 



derived from the isomparison, the information of the application 
file is presented thxough the CPU. 

9. An authenti\ation/ IC card comprising a CPU, an 
authentication file storing identity information, and an 
application file classified \nto files according to the depth of 
authentication, wherein, when requested from the outside to 

\ 

present information recorded in ^le application file, the CPU 
outputs the identity information s\^red in the authentication 
file, whereby access to the application file is allowed through 
the CPU based on the judgment result frtom an external device. 

10. An authentication IC card accoVding to claim 8 or 9, 
wherein each file of the application file records an ID 
indicative of the authority to conduct each target transaction. 

11. An authentication IC card accordiVig to any of claims 
8 through 10, wherein qualification conditions \to access each 
application file are pre-registered so that only the qualified 
persons are allowed to access the corresponding Vfile . 

12. An authentication IC card comprising^ a CPU, an 
authentication file storing identity information ob: both of 
identity information and authentication information, and an 
application file storing job programs or data classified 
according to the depth of authentication, and when access to the 
application file is requested from the outside, the 
authentication IC card allowing the access as a result ^f 



judgment based on the identity information or the authentication 
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informatuon of the authentication file, wherein the 
authentication file stores identity information on at least one 

\ 

second person other than the first person subject to personal 
authenticato^on with the card, or authentication information on at 

\ 

least one orgaxiism with predetermining a job or data to request 
for authenticating the second person or organism, and when 
requested to exequte such a specific job as to request for 
authenticating the\ second person or organism, or to show the data, 
the CPU compares identity information or authentication 
information input by Vhe second person or the organism from the 
outside with the identify infojrmation or authentication 
information of the authentication file to allow execution of the 
specific job or showing tn^ ya^ta when the authentication is 
acceptable - 

13. An authenticatioV IC card according to claim 12, 
wherein the CPU outputs the identity information or 
authentication information stor^ in the authentication file to 
the external device, whereby access to the application file is 
allowed through the CPU based on tlje judgment result from the 
external device . 

14 . An authentication IC carVl according to claim 12 or 
13, wherein authentication of the persons or organism is executed 
for both the first person and the secona person or organism, 
whereby access to the application file isy allowed when both has 
passed in the authentication. 



\ 15. An authentication IC card according to any of claims 
12 through 14, further comprising a file for electronic 
certificates on which the contents of authentication are recorded 
so as to present an electronic certificate indicative of the 
contents of the authentication used for access to the application 
file. \ 

16. A iock control system comprising an IC card reader 
and an identity data input device, wherein the IC card reader 
reads out an IC card recording personal authentication data of a 
user so that identiW data input through the identity data input 
device is checked witth the personal authentication data recorded 
in the IC card, whereof a corresponding lock is opened when the 
user passes in the pers)m?ial authentication. 

17. A lock control system according to claim 16, wherein 
the personal authenticatioA data recorded in the IC card include 
user's living body informatifon data or information data created 
by the user. \ 

18. A lock control system according to claim 16 or 17, 
wherein the IC card can selectively record plural kinds of 
personal authentication data. \ 

19. A lock control system according to claim 18, wherein 
the lock is provided in each control district of a storage that 
is divided into plural control districtsXso that the personal 
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